The Damballa First Half 2011 Threat Report looks at Internet crime trends with a specific focus on criminal command-and-control (C&C) activity over the first six months of 2011.
Key Findings Include:
Mobile/Android Threats Growing
- The number of hijacked Android devices engaging in 'live' communications with criminal operators grew at a significant rate.
- Having mobile malware contact the criminal operator and establish two-way Internet communication now makes the mobile market as susceptible to criminal breach activity as desktop devices.
Top 10 Most Abused Top Level Domains Represent 90% of All Live C&C Activity
- Top Level Domains (TLD) .com, .info, .net, .org, and .biz are among the top ten most abused by criminals.
- The TLD ".in" (India) ranked as the fifth most popular TLD for C&C.
SpyEye-Powered Botnets Jump to Number One
- Only three of the top ten largest botnets for the first half of 2011 appeared in the "Damballa Top 10 Botnets for 2010 Threat Report."
- OneStreetTroop, the Damballa reference to a botnet operation reliant on crimeware generated by the popular SpyEye do-it-yourself (DIY) construction set, climbed from tenth position in 2010 to first position for the first half of 2011.
- Eight out of the top ten largest botnets utilize popular "off-the-shelf" DIY crimeware construction kits.